PHP/.htaccess Hacks

Today, I got an email from not a client, but a user of a client’s site telling me something was wrong.

Hearing that isn’t good.

So I combed through the code to see what it could be and found the problem. It seemed the following code was being placed into the .htaccess file:

RewriteEngine On
RewriteOptions inherit
RewriteCond %{HTTP_REFERER} .**$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*live.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*aol.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*msn.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .**$ [NC]
RewriteRule .*¶meter=sf [R,L]

….and this code within index.php files:

< ?php eval(base64_decode("JGw9**bla bla bla bla**")); ?>

That was nasty. Fortunately, it only broke that one site I was contacted about. At first, I thought it wa that my FTP account was hacked or something. However, I found that someone else was having this problem too, and at the same time (or at least 10 or so hours earlier). His post was helpful in helping me not blame myself and see what the situation was as a whole.

After I finished fixing the one site and reading that blog post, I started combing through the other directories. Here’s what I noticed:

  • in each directory, I noticed that the index.php and .htaccess were infected with this code. To check and see if other files had problems as well, I listed all the files in my FTP program by it’s modified date, as shown below:
    Checking to see which files have been affected.
  • Only sites in my /domains directory that were affected had either Horde, WordPress, Drupal, or Modx installed. Even installations that did not have a public URL.
  • I used the following search and replace commands in vim to help out:
    For index.php:


    For .htaccess:


    Warning: This deletes everything after the line it is run on! I could not find a suitable way to include the malicious code into search and replace (it was late), but this helped by going to the top of where the malicious code starts, and running it that way.

That’s enough for now. Some kids my age go out and party. I just fix security issues that arise. – A Website with Testimonies (Coming Soon)

I’ve finally moved forward with developing a new website for testimonies and glorifying my Father. Here it is.

The site’s niche is for believers in Christ who need help putting off the “old man”, moving forward in the “new man,” living to the max (YHWH-max that is), and other related things. There also will be a section for sharing Christ with those who haven’t found Him.

If you have anything you’d like to share, please email me.

But let him that glorieth glory in this, that he understandeth and knoweth me, that I am the LORD which exercise lovingkindness, judgment, and righteousness, in the earth: for in these things I delight, saith the LORD. – Jeremiah 9:24 (KJV)

Day Labor Sucks

I’m usually not one to write a negative post (or at least try), but I’ve been itching to write it.

So now that I’ve reduced my work schedule and started to set up my freelance web design business, I’ve been looking for work. It’s really cool that I’ve been given the opportunity to have the freedom of working freelance. I can adjust my schedule (within reason), plan vacations, and give myself a raise occasionally.

The slight disadvantage of this, however, is that I have to be actively looking for clients. I have to work for work. However, this gives me an oppportunity to trust my Father more and more for my needs.

Anyway, the point I’m trying to make here is that I have to look for work. So far I have two primary ways to find more business:

  • Find work with local businesses and organizations, and get word-of-mouth refferals from those clients
  • or

  • Using sites on the web, namely GetaFreelancer

When I signed up for GetaFreelancer, I thought I would be able to find so much work, I’d be fine. However, what I found was not unlike a day labor site for web designers.

First, many of the projects are riduclously underbudgeted. For example, one buyer wanted a “web 2.0 site” for $30-100. Also, I saw one project from a buyer in Alabama that preffered suppliers who worked “under $5 hour.” How do these people expect us to live?

Because of these underbudgeted projects, there are many providers who aren’t that good. Some providers’ portfolios were impressing. Unfourtunately, however, most of the providers on GetaFreelancer make lousy websites, whether it’s lack of skill or experience, or a lack of care. I believe the lack of care bugs me the most. Many of the projects bids are autoposts from people too darned lazy to read through the projects. There are other things too, but I’m not in the mood to write them. I decided to do this not because I think I’m the best, but to work towards that goal. I want to improve everyday in my skill, service to clients, salesmanship, and trust in God. In order for me to do that, I have to look towards the best. I can’t hang around providers whose business model is “sell’em cheap.”

Despite all that, however, maybe the one thing that’s really bugging me is that I haven’t landed a single job online. Any fruitful job opportunity has come from local people whom I met face-to-face. So far, that seems to be the best way to find clients. Working with local clients, making sure they are satisfied, and getting referrals (or more business) from that client. It not only works well, it gives a greater satisfaction, too.

Day labor sucks.

JS Variables and IE

While embedding Google Maps into a website I’m working on, I found it caused a scripting error in IE:

Object doesn't support property or method: Line: blah Char: blah

Eventually I found the problem. Apparently IE needs variables to be called in JavaScript. You know, with the actual “var” operator/statement (It’s 2007. Who does that anymore?).

So I’ll have to remember that.

New Web Host (and Job)!

If you haven’t noticed the very cool subdomain, I have a new web host: Media Temple (mt). I’ve heard good things about them, and so far they’ve been great!

Also, in unrelated news, I’ve reduced my schedule at my retail job to one day a week. I’m going for freelance web design/development (which explains the host change) and a full-time college workload again (Yay!) After almost a year of working full (or near full) time in retail, my Father has opened new doors! Will it be hard? Sure, but I know I have someone–The One (and His son 🙂 )–in me.

So I’ll keep praising God (while searching for clients)!

Powered by WordPress